Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Third-Party Staff Risk Analyst
Company GE Aviation
Location Cincinnati, OH
Preferred GIAC Certifications GISF, GSEC, SEC440
Travel 25%
Salary Not provided
Contact Name Anonymous
Contact Email donotemail/at/
Expires 2022-07-29

Job Description

The Third-Party Risk Management team is looking to hire a full-time Cyber Investigator to assist in the development and operations of the Third Party Risk Management program. The ideal candidate will help develop an understanding of different third-party relationships an organization may have across different industries, the drivers that affect customer and supplier behaviors, and the controls and processes required to effectively manage and monitor.
Job Description
Roles and Responsibilities

Drive design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks
Educate the business on secure supply chain best practices and existing & emerging regulations
Provide leadership and domain expertise in cyber security for supply chain policy creation and organizational roll-out
Develop strategic roadmaps and tactical remediation plans for supply chain cyber security risk across the Aviation third party and supplier portfolio
Ensure cyber security tooling and underlying infrastructure is in place, aligned to regulatory and internal policy, and functioning correctly
Track and communicate engagement performance and planning to Third Party Risk Management management, ensuring milestones remain on track for timely completion
Engage in continuous learning of Third Party risk, processes, governance, and frameworks
Work cross functionally with team members to support and drive a collaborate team environment
Create metrics and reporting capabilities to continuously monitor identified risk areas
Generate innovative ideas and continuous improvement of current processes
Partner with other Aviation and GE business teams to develop secure solutions and build working relationships
Support the adoption of new technologies and help drive the implementation into the GE environment
Education Qualification

Bachelor’s degree from accredited university or college with minimum of 4 years of professional experience OR Associates degree with minimum of 7 years of professional experience OR High School Diploma with minimum of 9 years of professional experience

Minimum 3 years of professional experience in Third Party Risk

Note: Military experience is equivalent to professional experience

Eligibility Requirement:

-Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.

Desired Characteristics Technical Expertise:
Experience in data security disciplines as relevant to the following:

Risk assessment and risk management experience
Perform under minimal supervision with accountability to set priorities and objectives
Demonstrate collaboration, problem solving, and conflict management skills to ensure a productive work environment and the achievement of objectives
Knowledge of hardware security principles
An understanding of industry standard Risk Management methodologies and concepts such as (NIST, ISO, and CIS Controls)
Understanding the concept of infrastructure vulnerabilities, and basic principles of IT Security and IT networking.
CISSP/CISM/CISA certification